AtoZ: an automatic traffic organizer using NetFPGA

This paper introduces AtoZ, an automatic traffic organizer that provides end users with control of how their applications use network resources. Such an approach contrasts with the moves of many ISPs towards network-wide application throttling and provider-centric control of an application's network usage. AtoZ provides seamless per-application traffic organizing on gigabit links, with minimal packet delays and no unintended packet drops. AtoZ combines the high-speed packet processing of the NetFPGA with an efficient flow-behavior identification method. Currently, users can enable AtoZ control over network resources by prohibiting certain applications and controlling the priority of others. We discuss deployment experience and use real traffic to illustrate how such an architecture enables several distinct features: high accuracy, high throughput, minimal delay, and efficient packet labeling — all in a low-cost, robust configuration that works alongside the home or enterprise access router.
